Avoid keeping sensitive info in a code repo – how to remove files from git version history

One of the vulnerabilities that are really easy to exploit is when people leave super-sensitive information in source code - and you get your hands on this source code. In early prototyping a lot of people will hardcode passwords and certificate keys in their code, and remove it later when moving to production code. Sometimes…

What does the GDPR (General Data Protection Regulation) mean for your company’s privacy protection and cybersecurity?

The EU is ramping up the focus on privacy with a new regulation that will be implemented into local legislation in the EEC area from 2018. The changes are huge for some countries, and in particular the sanctions the new law is making available to authorities should be cause for concern for businesses that have…

Physically tracking people using their cloud service accounts

Nobody likes being tracked. Still, most people store a detailed account of their movements on their phones, often shared with multiple apps. If you can get access to some of these user accounts you can track their whereabouts down to a relatively detailed level. In real time. Tracking People - Google Maps Style I have…

6 things everyone can do to avoid hacking by cyber criminals

Protecting your personal data is important, whether you are a teenager or in retirement. A lot of people are confused about what they can do to avoid becoming victims of internet fraud. Cyber criminals use phishing attacks - email scams where they trick you into clicking a download link to viruses, or to open attachments…

Major discount grocery store chain (REMA 1000) exposes their whole customer database

REMA1000 did not use any form of authentication on their customer database used by a loyalty program. They claim that this is nothing to worry about. I disagree. Identity theft, blackmail and potential surveillance are threats worth worrying about. REMA1000, a Norwegian discount store chain, recently released a new customer loyalty program they named 'Æ'.…

40 tracking cookies from 2 news sites: this is why you need VPN

You have probably (hopefully) been told that open wifi is insecure, and that you should use a virtual private network to encrypt and protect your traffic. Most people don't do this, perhaps because it seems hard to do? Opera software now offers free VPN. It is built into the browser on the desktop, and a standalone…